The fourth and final meeting of the webinar series that Cyber 4.0, in collaboration with ACN, dedicated to delving into some major aspects of the National Cybersecurity Strategy was held on Wednesday, July 27.
The seminar focused on the topic of training as an enabling factor for the achievement of the Strategy’s goals, with it being the subject of no less than 12 “Measures” found in the Implementation Plan.
The high demand for IT and cybersecurity skills characterizes all business sectors and transversely impacts companies engaged in the digital transition path. The situation in Italy sees a still very low number of:
- professionals and graduates in STEM fields, compared to the demands of the world of work
- companies that promote cybersecurity training and awareness programs for their staff to build and enhance a first line of defense against cyber threats while enabling and/or supporting the digital transition.
How do we address the ever-increasing demands of the cybersecurity workforce by creating and enhancing skills that are useful and suitable for the current challenges posed by the cyber threat and digital transition?
This was the focus of the webinar, the main findings of which are given below.
New professionals and training strategies in cybersecurity
Complex systems, such as today’s Society and its constituent public and private organizations, require cross-disciplinary IT skills, in terms of governance, management and control, and multidisciplinary, considering the pervasiveness of the use of information systems to achieve business objectives and the consequent exposure to cyberspace risks.
The IT and cybersecurity functions are no longer merely a support office for the core business, but increasingly contribute to the definition of business strategies, ensuring structural information flows between the roles and responsibilities in ICT and cybersecurity and those proper to the relevant business (e.g., marketing, operations..).
Therefore, the figure of the CISO (Chief Information Security Officer), whose role is all the more effective the more direct and constant his or her contact with top management, becomes central. For it, it will be necessary to create specific training paths and also to evaluate a dedicated professional certification model in the near future.
In this regard, a point of reference should be the European Cybersecurity Skills Framework, currently being published by the EU Cybersecurity Agency (ENISA), which standardizes skills, knowledge and tasks of a number of cybersecurity job profiles, also in accordance with the EUe-competence framework.
In line with the transversality of the profiles to be trained in cybersecurity, the path of skill creation and strengthening should include practical sessions, for example through simulations of cyber crises. This is also the direction taken by the academic world, where there are numerous initiatives that, including through multidiciplinary and hybrid content, stimulate problem solving skills and creativity, as well as the sharing of experiences. Models of continuous assessment of skills and knowledge, for example through gamification, are also becoming increasingly popular.
Regional vocational training and awareness initiatives.
With the aim of addressing the growing demand for professionals with cybersecurity skills, the Lazio Region has worked, first among regional administrations, to launch a dedicated school, the Accademia Cybersciurezza Lazio (ACL).
The ACL is one of the initiatives agreed upon between the Lazio Region and the National Cybersecurity Agency (NCA) as part of a broader cybersecurity collaboration agreement. Cyber 4.0 has supported the Lazio Region’s work since its inception, providing input in the design phase of the training strategy and operational start-up of the Academy.
The first basic course is scheduled to start on September 20, which will be dedicated to developing profiles called “cybersecurity technician,” and will be accessible to learners with no previous knowledge of IT, possessing at least a high school diploma. This will be followed by higher-level courses-one intermediate and two specialized.
The professional figures that will be trained by the Lazio Cybersecurity Academy have been defined in coherence with the roles provided by the above-mentionedEuropean Cybersecurity Skills Framework and represent new professional standardsthat will be formalized in theAtlas of Jobs and Qualifications.
In parallel with the courses at the Academy, the region will also launch a digital awareness and education initiative in schools.
In addition, the development of training paths dedicated to cybersecurity includes the activities that many regions have initiated by integrating the programs of the Istituti Tecnici Superiori (ITS) to create specialized profiles [Lazio] or by activating new ITSs completely dedicated to the theme of cybersecurity [Campania, Veneto].
Opportunities for businesses: Training 4.0
The issue of vocational training, upskilling or reskilling to cope with the use of new technologies in the company, is also central to the developments of the Enterprise 4.0 plan in the context of the NRP.
In particular, the Training 4.0 Plan provides a tax break for companies, applicable to expenses incurred in digital training. Among the topics covered is cybersecurity.
The program responds to the goal of supporting Italian companies in the digital transformation process through a strengthened focus on technological skill building.
As per the Aid Decree (Article 22) and related Decree of July 8, 2022 of the MISE, Centers of Competence and European Digital Innovation Hubs are among the entities accredited by the Ministry to provide 4.0 training, which can be financed through the tax credit.
In addition, the 4.0 training tax credit rates are increased up to 70 percent for small companies (within an annual limit of EUR 300,000), up to 50 percent for medium-sized companies (limit of EUR 250,000), and held at 30 percent for large companies (within an annual limit of EUR 250,000)
Eligible expenses and the requirements to be met in order to obtain the Credit, are specified in the MISE website dedicated to the Training 4.0 Tax Credit
All Cyber 4.0 training offerings therefore give access to said benefit
For more information and to learn more about our training activities, contact us at cyber@cyber40.it, formazione@cyber40.it.
Presentations from the webinar are available:
Paolo Atzeni, Mission Structure Capabilities and Competencies ACN, Competencies in cybersecurity: articulation and path toward certification of professionalism
Paolo Spagnoletti, LUISS Associate Professor of Business Organization, Preparation and mindfulness for digital (trans)education
Martina Castiglioni, CYBER 4.0 training and orientation manager, Training as a strategic lever of cyber resilience
A recording of the event is also available by clicking here